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REMARKS 

SPECIFICATION 

Applicant traverses the Examiner's various objections to the specification. 

A substitute specification in proper idiomatic English as revised by the author of the 
original revised specification translation is provided. No new matter has been introduced. 

The substitute specification is based on a newly created translation (translation 
certification enclosed), revised to provide an improved translation in proper idiomatic 
English. In addition, the substitute specification has been amended, as indicated in 
accordance with 37 CFR 1.52(a) and (b). 

The present patent application is not concerned with the headings referred to as b), c), d), 
e) at page 3 of the Office Action. 

Consequently relevant headings a), f), g), h), i), j) and k) are introduced within the 
specification translation to comply with the Examiner's requirements. 

In particular, the following headings have been added: 

BACKGROUND OF THE INVENTION 

Field of the invention 

Prior Art 

SUMMARY OF THE INVENTION 

BRIEF DESCRIPTION OF THE DRAWINGS 

DESCRIPTION OF THE PREFERRED EMBODIMENTS 

Embedded hyperlink references have been deleted. 

Trademarks have been capitalized all along the specification translation. 

With respect to minor errors in the specification translation or even clerical errors and 
translation errors a careful checking has been performed so as to introduce the subsequent 
corrections through out the specification. 

Minor and clerical errors: 

— Page 21 (marked up version), lines 4, 5 and 6: 

The item "e" which is obviously wrong is corrected to -€- which clearly defines a 
symbol introducing the subtyping relationship of inheritance hierarchy between 
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classes of the applet. See particularly the subtyping relation definition at page 22 
from lines 24 to 31 (marked up version). 

— Page 34, lines 12, the original mentioned relationship between Ij and Alj is 
clearly erroneous. It is thus corrected to read: 

Ii~ Ali 

in accordance with step 500 of figure 4b 5 in which the same relation is introduced. 

— Page 35 at line 1, the question mark ("?") is clearly erroneous. With reference to 
step 501 at figure 4a, in which the same relationship between AE and Ii is quoted, 
the query mark is corrected to 

— Page 37, line 30, the question mark ("?") is erroneous and corrected to * as shown 
at step 504a of figure 5a. 

— Page 38, line 9, the character 3 is corrected to 3 the existence symbol with 
reference to step 504 of figure 5a. 

Translation errors: 

Some translation errors are now corrected, through out the specification and the 
drawings. 

— The term "on-board" is clearly wrong. 

With reference to page 1 from line 16 to line 30 relating to the prior art, the 
dummy "on-board" data-processing systems 10 clearly refers to an -embedded- 
data- processing systems, as known to any person of ordinary skill in the 
corresponding art. 

Consequently, the term "on-board" of the verified translated specification is 
corrected to read -embedded- through out the description. 

— The term "protocol" which might appear as misleading according to the 
Examiner's analysis is corrected to -process- all along the description. 

The title of the invention is corrected to read: 

— A method for transforming and verifying downloaded program fragments with 
data type restrictions and corresponding system.- 

An abstract of the disclosure is attached. A copy of the title page of the corresponding 
PCT international patent application WO 01/14958 is enclosed for the Examiner's 
consideration. 
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DRAWINGS 

Applicant traverses the Examiner's objection to the drawings as failing to comply with 37 
CFR1.84 (p)(4). 

Reference character 15 is objected to as having been used to designate both an EPROM 
and a serial link between Fig. la. 

Referring to the substitute specification translation (marked up copy) at page 2, line 22 
the correct reference number for permanent memory is "13", as also shown at Fig. la and 
lb. 

Applicant therefore corrects reference number 11 15" at page 1 line 21 of the specification 
translation to -13-, since the objected reference number "15" clearly corresponds to a 
clerical error only. 

Applicant respectfully traverses the Examiner's objection to the drawings under 37 CFR 
1.84(p)(5). The following comments and revisions are noted. 

— Reference character -13- in relation to Fig la is now introduced at page 1, line 21 
of the specification translation. 

— Reference character "103" of Fig 2 is missing in the specification translation. 

The specification translation at page 16, line 19 is corrected by adding reference 
character - 103 -. 

Missing reference character 103 clearly comes from a clerical error since step 
103a and step 103b clearly designate a successful and an unsuccessful response 
respectively to corresponding verification step, that should have been labeled - 
103- as shown at figure 2. 

— Reference character "306" of Fig 3d is missing in the specification translation. 
The item - at 306 - at page 25 is inserted between "stack" and "in" to read: 
-the verification process reinitializes the type stack at 306 in such a way...- 

— Reference character 16 of Fig 6 is missing in the specification translation. 
Applicant emphasizes that figure 6 clearly refers to Fig lb. 

Particularly, Fig 6 is said to disclose an embedded system 10 referred to as 10 that 
includes the essential components as shown at Fig lb (see particularly the 
specification translation at page 43 lines 15 to 18) in which item 16 is said to 
embody a virtual machine, 16 (see particularly the specification translation at page 
2 from line 24 to line 30). 
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— Consequently, adding further reference character 16 in relation to Fig 6 will not 
prove necessary, since the architecture of a reprogrammable embedded data 
processing system embodying a virtual machine is fully disclosed in the 
specification and fully know to one or ordinary skill in the corresponding art. 

CLAIMS 

Applicant respectfully traverses the Examiner's various objections to the claims. 
Multidependency of the original claims has been canceled. The amended claims have 
been recasted to comply with the Examiner's remarks. 

The applicant believes that in most cases the lengthy preamble is necessary to explain the 
invention. Wherever appropriate, the preamble has been split up, as per claims 15, 16 and 22, in 
which the technical features of the standardized object code which is obtained by applying the 
method of transforming of the invention are now recited at the end of each corresponding claim. 
Amending these claims this way will not introduce any new matter, since each claim content is 
unchanged, while the standardized object code features are now highlighted as the result which is 
obtained thanks to the claimed method. 

Original claims 1-3 have been canceled without prejudice. 

Claim 4 is amended and recast by canceling a, b, y headings and introducing 
corresponding indentation. 

Claims 5-6 are amended by canceling the symbols -L and T. Amending claim 5 and 6 in 
this manner does not introduce new matter. Underlining within the claims has been omitted. 
Dashes to delineate steps and/or items are canceled. Bullets points within the claims are 
canceled. 
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Claims 1 to 3 are canceled and objection under 35 USC 101 directed to objected claims 1 
to 3 is thus overcome. 

Moreover, the specification is amended by correcting each occurrence of the item 
"protocol" to -process-, since, in accordance with the protocol general definition, a protocol is 
known to concern data exchange among given units, particularly corresponding exchange steps. 

Applicant thus believes that the exchange steps better correspond to a process. 

Claims 23-25 are rejected, since they are not limited to statutory computer readable 

media. 

Claim 23 has been canceled without prejudice. 

Although the computer programs which are the object of the invention are downloaded 
onto a reprogrammable embedded system, or a system, and thus stored therein, claims 24 and 25 
are "A computer program product which is recorded on a medium." Objection under 35 USC 
101 is thus overcome. 

Rejection of claims 1 to 27 under 35 USC 112 first paragraph is surprising to the 
Applicant. Although it is agreed that the original claims correspond to a literal translation as 
requested by the PCT regulation requirements to enter the national phase in the United States, 
Applicant does not agree that the claim language is an obvious machine translation. 

Some of the Examiner's objections appears unfair to the Applicant. 

As an example, that "The phrase updating of the effect of said current instructions on the 
type stack the register table does not ensure that this takes place, thus making the claimed 
invention boarder than the written description" is technically and judicially unfounded and thus 
unfair to the Applicant. 

Particularly, Applicant refers to the specification translation and corrected version at page 
19 from line 25 to line 33 which contain quite the same phrase. 

That the claimed invention is broader than the written description as contended by the 
Examiner is thus traversed. 

The Examiner can either accept that the claimed and disclosed updating has taken place 
and the invention came to reduction to practice, or not. 

In the absence of evidences given by the Examiner that reduction to practice did not take 
place the objection is moot or even unfair to Applicant, in case it would be maintained. 
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Claims 1-27 are rejected under 35 USC 112 first paragraph for the claimed invention was 
not described in the specification. 

More particularly the virtual machine definition is not sufficient for the invention. 

The Examiner's attention is drawn to the specification translation from page 1, line 1 1 to 
page 3, line 3. 

Applicant believes and strongly emphasizes that the Examiner should be aware that using 
a virtual machine for interpreting applets within an embedded data-processing system is fully 
known to any person of ordinary skill in the corresponding art since 1996, as quoted with 
reference to the Tim LINDHOLM and Frank YELLIN publication at page 2, lines 30 to 55 of the 
specification translation, while the documentation edited by SUN MICROSYSTEMS Inc. on the 
JAVACARD 2.1 Virtual Machine Specification was available to every body since March 1999, 
as quoted at the paragraph spanning pages 2 and 3 of the specification translation. 

That the inventor had possession of the claimed invention which is not described in such 
a way to reasonably convey to one skilled in the art to embody the invention is traversed. 

In the absence of evidences given by the Examiner, no evidences are given that the 
invention unfounded to the Applicant. 

Claims 1 to 27 are rejected under 35 USC 112 second paragraph for they are generally 
narrative and indefinite. 

Amended claims are now recasted to comply with the US practice. 

Claims 1-7, 15-19 and 26-27 are rejected under 35 USC 102(b) for they lack novelty over 
U.S. patent 5,748,964 to Gosling. 

Claims 7, 19, 21 and 23 have been cancelled without prejudice. 

Although the patent to Gosling is said to meet the object of the invention, Gosling does 
not perform the verifying method of a fragment project as the method of the invention does. 

Particularly, Applicant refers to the specification translation at page 5 from lines 7 to 29 
in which the mode of operation of the system as disclosed by the U.S. patent 5,748,964 to 
Gosling is fully acknowledged and referred to as the third solution, known from the prior art. 

Applicant also refers to the International Preliminary Examination Report as established 
by the International Preliminary Examination Authority and the official translation thereof, of 
which a copy is provided herewith. 
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The Examiner's attention should be drawn and made aware of that the object code 
verifier as disclosed by Gosling, referred to as Dl, has the disadvantage of a complex and costly 
static code verification process both in terms of the code size required to control the processor 
and in terms of the RAM memory size, as well as in terms of calculation time, with these 
memory requirements being far greater than the resource capacity of most existing embedded 
(on-board) computer systems. 

In contradistinction to the prior art solution, the invention makes use of a method for 
standardizing an original object code into a standardized object code with an empty stack branch 
instruction using typed registers unlike the prior art methods, in which the stack type at every 
branching target must be stored in memory. The verification method of the invention requires 
only the type of the execute stack during the instruction execution being verified and does not 
store the stack type in memory for other subprograms. As a result, the memory capacity 
requirement is significantly reduced. 

More particularly with reference to the substitute specification translation at page 48 line 
10 to page 49 line 2, the Applicant further emphasizes that the invention is directed to a novel 
technique for byte code verification of JAVACARD program fragments, designated as applets, 
or for program fragments for similar environments. 

Basically the verification operation essentially consists in requiring that: 

A) the virtual operand stack be empty at each target on a branching instruction, the 
program fragment being thus rejected if this constraint is not satisfied; 

B) the type of the local variables, designated as registers, be identical at all point 
within a program fragment, designated as a method, the program fragment being 
thus rejected if this constraint is not satisfied. 

Satisfying the above mentioned constraints, in accordance with the method of the 
invention, allows a very efficient embedded bytecode verifier to be implemented. 

As clearly quoted on the preceding highlighted paragraph of the substitute specification 
translation, for a given program fragment using a maximum stack size of T p and P r registers, the 
memory size required by a byte code verifier according to the invention is a direct proportion to 
Tp + P r . 

By contrast, the verifiers known from the prior art, particularly from the US patent to 
Gosling, would have required a memory size in a direct proportion to (T p + P r ) x N b , the product 
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of T p + P r and the number Nb of targets of branching instructions included within the program 
fragment. 

The invention also concerns a method for transforming any program fragment accepted 
by any prior art verifier into a program fragment accepted by the bytecode verifier of the 
invention. 

Consequently, while most existing or marketed program fragments or applets would 
possibly be rejected when submitting them to a verifier of the invention, for these existing or 
marketed program fragments would not necessarily satisfy the above mentioned constraints A) 
and B), the invention also implements the method for transforming any existing or marketed 
program fragment, to be verified and then executed in accordance with the method for verifying 
of the invention. 

The invention, as implemented, appears thus fully useful for any existing or marketed 
program fragment and does not offend against 35 USC 101 requirements, as contended by the 
Examiner. 

The amended claims are recasted in accordance with the preceding statement by: 
canceling claims 1 to 3, 7, 19, 21 and 23; 

redrafting claim 4 by emphasizing corresponding constraint A) and B) which 
were explained before. 

Remaining amended claims 4, 5, 6, 8-18, 20, 22, 24-27 are thus clearly not anticipated by 
Gosling and are patentable, since introducing the above discussed constraints so as to allow a 
significant reduction of the memory size over the most prominent bytecode verifiers of the prior 
art, particularly these developed by SUN MICROSYSTEMS as disclosed by Gosling, was not 
known or obvious at the date at which the invention was made; 

recasting claims 20, 22, 24 and 25 as independent claims to cancel reference to 
another claim of different category. 
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In view of the foregoing comments and amendment, reconsideration and allowance are 



DLA PIPER RUDNICK GRAY CARY US LLP 

P.O. Box 64807 
Chicago, Illinois 60664-0807 
Phone: (312) 368-4000 
Customer No.: 28465 



requested. 



Respectfully submitted, 




Michael L. Kenaga 
Reg. No. 34,639 
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ABSTRACT OF THE DISCLOSURE 

A method and system for transforming and verifying downloaded programs fragments with data 
type restriction in an embedded system in which a program fragment being temporarily stored a 
verification process of the stored program fragment object code is executed instruction by 
instruction so as to discriminate for each instruction the existence of a target, a branching 
instruction target, a target of an exception handler call or a target of a subroutine call. On the 
occurrence of a target of a branching instruction as the current instruction, the empty status of the 
stack is verified and the program fragment is rejected otherwise. A verification process and 
updating of the effect of the current instruction on the data types of the type stack and the table 
of register types is performed. The verification process is successfully executed instruction by 
instruction until the table of register types is stable, with no modification being present, and 
interrupted with the program fragment being rejected otherwise. 



~CHGOl:30648694.vl 



PCT/FR00/02349 

TRAITE DE COOPERATION EN M ATI ERE DE BREVETS 



PCT 

NOTIFICATION DE TRANSMISSION DE COPIES 
DE LA TRADUCTION DU RAPPORT D'EXAMEN 
PRELIMINAIRE INTERNATIONAL 

(r&gle 72.2 <du PCT) 


Oestinataire: 

/Sep-- 

Cabinet Piasseraud / H * ^QQo : 
84, rue d'Amsterdam Lpbf aT^^^J 1 
F-75440 Paris Cedex 09 ^ ^e/v, 
FRANCE ^—S^ 


Oats d'exp6drtion (jour/mois/annde) 

16 avril 2002 (16.04.02) 


R6f6rence du dossier du deposant ou du mandataire 
BCT000077 


NOTIFICATION IMPORTANTE 


Demande intemationale no 
PCT/FROO/02349 


Date du depot international (jour/mois/annee) 
21 aoOt 2000 (21,08.00) 


Deposant 

TRUSTED LOGIC etc 



1. Transmission de la traduction au deposant. 

Le Bureau international transmet ci-joint copie de la traduction en langue anglaise qu'il a faite 
du rapport d'examen pr6liminaire international 6tabli par Tadministration charg6e de Texamen 
pr6lrminaire international. 

2. Transmission d'une copie de la traduction aux offices elus. 

Le Bureau international notifie au d6posant qu'une copie de cette traduction a 6t6 transmise aux 
offices §lus suivants qui exigent la traduction en question: 

CN,JP,US 



Les offices 6lus suivants ont renonc6 d I'exigence selon laqueile la transmission doit Stre 
effectu6e d cette date; ils recevront une copie de cette traduction du Bureau international 
seulement & leur demande: 

EP,AU,CA 



3. Rappel concernant la traduction dans la ou I'une des langues officielles de I 1 office ou des offices elus. 

II est rappele au deposant que, lorsqu'une traduction de la demande intemationale doit etre 
remise h un office 6lu, cette traduction doit comporter la traduction de toute annexe du rapport 
d'examen preliminaire international. 

II appartient au deposant d'etablir la traduction en question et de la remettre directement 

£ chaque office elu interess§ (r6gle 74.1). Voir le volume II du Guide du deposant du PCT pour 

de plus amples renseignements. 



Bureau international de I'OMPf 
34, chemin des Colombettes 
1211 Geneve 20, Suisse 


Fonctionnaire autorise 

IVtaria KIRCHNER 


no detelecopieur (41-22) 740.14.35 


no de telephone (41-22) 338.83.38 



Formulaire PCT/IB/338,.(juillet 1996) 



PATENT COOPERATION TREATY 

PCT 

INTERNATIONAL PRELIMINARY EXAMINATION REPORT 

(PCT Article 36 and Rule 70) 



Applicant's or agent's file reference 
BCT000077 


FOR FIJHTHFP attion See Notification of Transmittal of International 
rUK HJKl HtR ACTION Preliminary Examination Report (Form PCT/IPEA/416) 


International application No. 

PCT/FR00/02349 


International filing date {day/month/year) 
21 August 2000 (21.08.00) 


Priority date (day/month/year) 

23 August 1999 (23.08.99) 



International Patent Classification (IPC) or national classification and IPC 
G06F 9/445 



5 



Applicant 



TRUSTED LOGIC 



This international preliminary examination report has been prepared by this International Preliminary Examining 
Authority and is transmitted to the applicant according to Article 36. 



2. This REPORT consists of a total of 



. sheets, including this cover sheet. 



I | This report is also accompanied by ANNEXES, i.e., sheets of the description, claims and/or drawings which have 
' — ' been amended and are the basis for this report and/or sheets containing rectifications made before this Authority 
(see Rule 70.16 and Section 607 of the Administrative Instructions under the PCT). 

These annexes consist of a total of ■ sheets. 



This report contains indications relating to the following items: 
Basis of the report 
Priority 

Non-establishment of opinion with regard to novelty, inventive step and industrial applicability 
Lack of unity of invention 

Reasoned statement under Article 35(2) with regard to novelty, inventive step or industrial aDDlicabilitv 
citations and explanations supporting such statement " rr j> 

Certain documents cited 

Certain defects in the international application 

Certain observations on the international application 



1 


LXJ 


II 


□ 


III 


□ 


IV 


□ 


V 


IE! 


VI 


□ 


VII 


□ 


VIII 


(XI 



Date of submission of the demand 

20 March 2001 (20.03.01) 


Date of completion of this report 

20 November 2001 (20.1 1 .2001) 


Name and mailing address of the 1PEA/EP 
Facsimile No. 


Authorized officer 
Telephone No. 



Form PCT/1PEA/409 (cover sheet) (January 1994) 



INTERNATIONAL PRELIMINARY EXAMINATION REPORT 



International application No. 
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L Basis of the report 



1. This report has been drawn on the basis of (Replacement sheets which have been furnished to the receiving Office in response to an invitation 
under Article 14 are referred to in this report as "originally filed" and are not annexed to the report since they do not contain ameZmemsT 



[~] the international application as originally filed. 

the description, pages ^68 f ^ originally filed, 

pages _, filed with the demand, 

pages , filed with the letter of 

pages , filed with the letter of 



the claims, 



Nos. 
Nos. 
Nos. 
Nos. 
Nos. 



1-27 



, as originally filed, 

, as amended under Article 19, 

, filed with the demand, 

, filed with the letter of 

, filed with the letter of 



the drawings, 



sheets/fig 
sheets/fig 
sheets/fig 
sheets/fig 



1-14 



, as originally filed, 
, filed with the demand, 
, filed with the letter of 
, filed with the letter of 



2. The amendments have resulted in the cancellation of: 

□ the description, pages 

the claims, Nos. 



□ 

the drawings, sheets/fig 



3* f j This r * port has b een established as if (some of) the amendments had not been made, since they have been considered 
to go beyond the disclosure as filed, as indicated in the Supplemental Box (Rule 70.2(c)). 

4. Additional observations, if necessary: 
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V. Reasoned statement under Article 35(2) with regard to novelty, inventive step or industrial applicability; 
citations and explanations supporting such statement 

1. Statement 

Novelty (N) 



Inventive step (IS) 



Industrial applicability (IA) 



2. Citations and explanations 

1. Reference is made to the following document: 

Dl: US-A-5 748 964 

2. The present invention relates to a method for 
converting a conventional object code constituting 
an applet for execution by an on-board computer 
system having limited resources. 

Prior art : 

The download of an applet to an on-board computer 
system is subject to authenticity verification. Dl 
discloses static verification simulating the 
execution of the applet with data types and ensures, 
once and for all, that the applet code complies with 
the data type and access control rules set by the 
virtual machine and that it does not cause stack 
overflow. 

Problem : 

This solution has the disadvantage of a complex and 
costly static code verification process both in 
Form PCT/IPEA/409 (Box VIII) (January 1994) ~ ~ ~ 
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terms of the code size required to control the 
processor and in terms of the RAM memory size 
required to contain the intermediate verification 
results, as well as in terms of the calculation 
time. These memory requirements are far greater than 
the resource capacity of most existing on-board 
computer systems. 

Solution ; 

The present invention uses a process for 
standardising an original object code into a 
standardised object code with an empty stack branch 
instruction and a standardised code using typed 
registers such that any one register is used under a 
single type throughout the subprogram code. Unlike 
the prior art methods, in which the stack type at 
every branch target must be stored in memory/. the 
verification method of the present invention 
requires only the type of the execute stack during 
the instruction being verified and does not store 
the stack type in memory for other subprograms. As a 
result , the memory capacity requirement is reduced. 

3- The dependent claims relate to specific embodiments 
of the invention according to the independent 
claims. Therefore, they too comply with the 
requirements of novelty, inventive step and 
industrial applicability. 
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VIII. Certain observations on the international application 

The following observations on the clarity of the claims, description, and drawings or on the question whether the claims are fully 
supported by the description, are made: 

It is clear from page 38 of the description that the 
feature whereby the stack must be empty for each branch or 
branch target instruction, and/or all of the registers are 
reset when the method is initialised, is essential for the 
definition of the invention. Indeed, the phrase " updating 
of the effect of said current instruction on the type 
stack and the register type table" in no way means that 
conditions C3 and C4 (page 38), which are fundamental to 
the present invention, have been met. 
Since the independent claims do not contain these 
features, they fail to comply with the requirements of PCT 
Article 6 in combination with PCT Rule 6.3(b), according 
to which an independent claim must contain all of the 
technical features essential for the definition of the 
invention. Therefore, the independent claims do not meet 
the requirements of PCT Article 6. 



Form PCT/IPEA/409 (Box VIII) (January 1994) 



TRANSLATION 
CERTIFICATION 



RWS Group Ltd, of Europa House, Marsham Way, Gerrards Cross, Buckinghamshire, 
England, hereby declares that, to the best of its knowledge and belief, the following 
document, prepared by one of its translators competent in the art and conversant with the 
English and French languages, is a true and correct translation of the accompanying document 
in the French language. 



Signed this 4th day of August 2005 



C. E. SITCH 

Deputy Managing Director - UK Translation Division 
For and on behalf of RWS Group Ltd 



(12) DEMANDE INTERNATIONALE PUBLlfcE EN VERTLJ DU TRAITE DE COOPERATION 

EN MATltRE DE BREVETS (PCT) 



(19) Organisation Mondiale de la Propria 
Intellectuelle 

Bureau international 

(43) Datede la publication internationale 
1 mars 2001 (01.03.2001) 




PCT 



III 



(10) Numero de publication internationale 

WO 01/14958 A2 



(51) Classification internationale des brevets 7 : G06F 9/00 

(21) Numero de la demande internationale: 

PCT/FROO/02349 

(22) Date de dlpot international: 21 aofit 2000 (21.08.2000) 

(25) Langue de depot: francais 

(26) Langue de publication: francais 

(30) Donnles relatives a la priorite: 

99/10697 23 ao0t 1999 (23.08.1999) FR 

(71) Deposant (pour tons les Etats designes sauf US): 
TRUSTED LOGIC [FR/FR]; 23, avenue de Fulpmes, 
F-78450 Villepreux (FR). 



(72) Inventeur; et 

(75) lnventeur/Deposant (pour US settlement): LEROY, 
Xavier [FR/FR]; 88 bis, avenue de Paris, F-78000 Ver- 
sailles (FR). 

(74) Mandataires: FRECHEDE, Michel etc.; Cabinet 
Plasseraud, 84, rue d' Amsterdam, F-75440 Paris Cedex 09 
(FR). 

(81) Etats designed (national): AU, CA, CN, JP, US. 

(84) Etats designes (regional)' brevet europeen (AT, BE, CH, 
CY, DE, DK, ES, FI, FR, GB, GR, IE, IT, LU, MC, NL, PT, 
SE). 

Publiee: 

— Sans rapport de recherche internationale, sera republiee 
des reception de ce rapport 

f Suite sur la page suivante] 



(54) Title: MANAGEMENT PROTOCOL, METHOD FOR VERIFYING AND TRANSFORMING A DOWNLOADED PRO- 
GRAMME FRAGMENT AND CORRESPONDING SYSTEMS 

(54) Titre: PROTOCOLE DE GESTION, PROCEDE DE VERIFICATION ET DE TRANSFORMATION D'UN FRAGMENT DE 
PROGRAMME TELECHARGE ET S YSTEMES CORRESPOND ANTS 



< 

oo 
in 

ON 



O 




ACKNOWLEDGEMENT 



(57) Abstract: The invention relates to a management protocol and to a method for verifying a programme fragment, or applet, 
which has been downloaded onto a portable system. An applet downloading command (100a, 100b) is executed. Once a positive 
response has been received, the object code of the applet is read (101) and subjected (102) to a verification process, instruction by 
instruction. The verification process consists of a stage comprising the initialisation of the type stack and table of register types 
representing the state of the virtual machine of the portable system at the start of the execution of the applet code; and a verification, 
instruction by instruction, for each target current instruction, of the existence of a target branch instruction, a target exception handler 
call or a target sub-routine call, the effect of the instruction on me type stack and the table of register types being verified and updated. 
If the verification is successful (103a), the applet is registered (104) and an acknowledgement is sent (105) to the downloading drive. 
Otherwise, the applet is destroyed (106). The invention is suitable for use for portable systems in a Java environment. 
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